- Laravel 12 with Sanctum authentication - API versioning with grazulex/laravel-apiroute - spatie/laravel-query-builder for filtering/sorting - spatie/laravel-data for DTOs - dedoc/scramble for auto API documentation - Pest PHP testing framework - Docker development environment - Standardized JSON API responses - Rate limiting and CORS configuration - Comprehensive README documentation
51 lines
1.3 KiB
PHP
51 lines
1.3 KiB
PHP
<?php
|
|
|
|
namespace App\Providers;
|
|
|
|
use Illuminate\Cache\RateLimiting\Limit;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\RateLimiter;
|
|
use Illuminate\Support\ServiceProvider;
|
|
|
|
class AppServiceProvider extends ServiceProvider
|
|
{
|
|
/**
|
|
* Register any application services.
|
|
*/
|
|
public function register(): void
|
|
{
|
|
//
|
|
}
|
|
|
|
/**
|
|
* Bootstrap any application services.
|
|
*/
|
|
public function boot(): void
|
|
{
|
|
$this->configureRateLimiting();
|
|
}
|
|
|
|
/**
|
|
* Configure the rate limiters for the application.
|
|
*/
|
|
protected function configureRateLimiting(): void
|
|
{
|
|
// Default API rate limiter - 60 requests per minute
|
|
RateLimiter::for('api', function (Request $request) {
|
|
return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
|
|
});
|
|
|
|
// Auth endpoints - more restrictive (prevent brute force)
|
|
RateLimiter::for('auth', function (Request $request) {
|
|
return Limit::perMinute(5)->by($request->ip());
|
|
});
|
|
|
|
// Authenticated user requests - higher limit
|
|
RateLimiter::for('authenticated', function (Request $request) {
|
|
return $request->user()
|
|
? Limit::perMinute(120)->by($request->user()->id)
|
|
: Limit::perMinute(60)->by($request->ip());
|
|
});
|
|
}
|
|
}
|